‘No machine certificates found’ when adding machine certificate into VPN

certificate, keychain, network, openssl, vpn

I have two certificates, one for user authentication and another for machine authentication.

My user authentication includes a certificate and a private key, from which I've generated a PKCS12 file using the following command:

openssl pkcs12 -export -clcerts -inkey private.key -in certificate.crt -out MyPKCS12.p12 -name "Your Name"

as suggested here: How can I add a private key to my keychain?

So the User Authentication certificate loads fine in the VPN configuration, but the problem is when I'm trying to select Machine Authentication. OSX can't find any suitable certificates, even though I've imported it into Keychain (ca.crt).

The error says:

No machine certificates found
Certificate authentication cannot be used because your keychain does not contain any suitable certificates. Use Keychain Access to import the appropriate certificates into your keychain. If you do not have the certificates required for authentication, contact your network administrator.

How do I load my machine authentication certificate so that it can be recognised by Keychain when configuring the VPN (ca.crt & tls-auth ta.key)?

Related:

https://stackoverflow.com/questions/5401088/key-chain-warning-the-system-roots-keychain-cannot-be-modified

Best Answer

Not sure if it's possible using the standard network settings, but you can configure a VPN this way on OSX by using third-party software (e.g. Viscosity).